Disable tracing on FreeBSD using procctl. (OpenSSH Portable 8.8)
Ed Maste
emaste at freebsd.org
Mon Nov 7 01:34:05 AEDT 2022
On Sat, 5 Nov 2022 at 21:02, Darren Tucker <dtucker at dtucker.net> wrote:
>
> Maybe it should try the "0" version, then if that fails try the
> getpid() version and only then fail if "strict" is set?
Ah, yes that sounds like the way to do it, and with no extra overhead
for the usual (recent kernel) case. Something like this?
diff --git a/platform-tracing.c b/platform-tracing.c
index c2810f2d0..1c2105363 100644
--- a/platform-tracing.c
+++ b/platform-tracing.c
@@ -32,6 +32,7 @@
#include <stdarg.h>
#include <stdio.h>
#include <string.h>
+#include <unistd.h>
#include "log.h"
@@ -42,7 +43,12 @@ platform_disable_tracing(int strict)
/* On FreeBSD, we should make this process untraceable */
int disable_trace = PROC_TRACE_CTL_DISABLE;
- if (procctl(P_PID, 0, PROC_TRACE_CTL, &disable_trace) && strict)
+ if (procctl(P_PID, 0, PROC_TRACE_CTL, &disable_trace) == 0)
+ return;
+ /* Old FreeBSD versions do not accept 0 as current PID */
+ if (procctl(P_PID, getpid(), PROC_TRACE_CTL, &disable_trace) == 0)
+ return;
+ if (strict)
fatal("unable to make the process untraceable: %s",
strerror(errno));
#endif
More information about the openssh-unix-dev
mailing list